[Sumit4]

I saw some servers which are working normally like UIF that means these servers have any strong protection against these attacks?

[Shaheen]

Quote:

Originally Posted by iLearner Ad: looking for some guys who are cookie flooding samp servers to make a contract with them to stop the floods on my servers. Contact me via pm or discord! PS: moderators should stop deleting our threads regarding this issue, it's not going to help.

Same Words i have to say about my server.
Contact me via pm and we will have a peace talk..

[RDM]

Quote:

Originally Posted by Shaheen Same Words i have to say about my server. Contact me via pm and we will have a peace talk..

Protection for this attack! https://sampforum.blast.hk/showthread.php?tid=639962

add these rules in Hardware firewall and block 95 % fake packets !

[Christofski]

Quote:

Originally Posted by RDM Protection for this attack! https://sampforum.blast.hk/showthread.php?tid=639962 add these rules in Hardware firewall and block 95 % fake packets !

this is useless to anyone using a VPS unfortunately and I do not feel like switching out to a dedicated machine just for one sa-mp serv

[RDM]

Quote:

Originally Posted by Christofski this is useless to anyone using a VPS unfortunately and I do not feel like switching out to a dedicated machine just for one sa-mp serv

It is not useless if the company you hire adds similar rules in the hardware firewall !!

I could help you if you were on a network within my reach!

[PrettyDiamond]

Quote:

Originally Posted by RDM Protection for this attack! https://sampforum.blast.hk/showthread.php?tid=639962 add these rules in Hardware firewall and block 95 % fake packets !

I tested it and this doesnt works for me, and i think doesnt works for anyone. Stop to difuse lies here. You cannt test itself because you dont get attacked by this kind of attack. So delete your unusefull postings and you do a lot good for us victims.

[PrettyDiamond]

Quote:

Originally Posted by Christofski this is useless to anyone using a VPS unfortunately and I do not feel like switching out to a dedicated machine just for one sa-mp serv

I have a dedicated machine with debian 9 and all securitys for spoof attacks, so this isnt a problem only of VPS owners.

[Christofski]

Quote:

Originally Posted by RDM It is not useless if the company you hire adds similar rules in the hardware firewall !! I could help you if you were on a network within my reach!

I am with OVH and am in contact with them, PM me some more details, I have rules set in my firewall currently.

[RDM]

Quote:

Originally Posted by PrettyDiamond I tested it and this doesnt works for me, and i think doesnt works for anyone. Stop to difuse lies here. You cannt test itself because you dont get attacked by this kind of attack. So delete your unusefull postings and you do a lot good for us victims.

Hello my servers are on the attack ..

My hardaware firewall is barring fake packages!

My hosted tab server: 167.114.201.74:7777


I am making significant improvements in my rules,
I am migrating to iptables and soon I will update them in my github!

[1nspire]

The attacker should be dumb as hell to share a solution with you even if you donate him a fortune, because obviously, this solution will be shared publicly here, quit whining, sit on your ass and let the kiddo spend mom and dad's money and enjoy while it lasts. Actually, why not create a GoFundMe for him?

The flood itself isn't big of a deal and can barely do shit, except making your server query slow, stop panicking and praising 'Lord Mr. Flooder', I bet he's around here, laughing his ass off on cringe comments, which 80% of this thread consist of.

[RDM]

Quote:

Originally Posted by PrettyDiamond I have a dedicated machine with debian 9 and all securitys for spoof attacks, so this isnt a problem only of VPS owners.

You did not understand my locking logic,
The attack is spoofed, the attacker only sends a packet of each query and cookie connection, after he does not send more with the same ip!

So I drop all 1 pack of all the customers!


Please see new version in my github! :https://github.com/Edresson/SAMP-Fir...er/Firewall.sh


In my github has a simple script that simulates the attacker attack to test, I created the same in 3 minutes!
It's very simple to fake udp packages!

[Battlezone]

Quote:

Originally Posted by 1nspire The attacker should be dumb as hell to share a solution with you even if you donate him a fortune, because obviously, this solution will be shared publicly here, quit whining, sit on your ass and let the kiddo spend mom and dad's money and enjoy while it lasts. Actually, why not create a GoFundMe for him? The flood itself isn't big of a deal and can barely do shit, except making your server query slow, stop panicking and praising 'Lord Mr. Flooder', I bet he's around here, laughing his ass off on cringe comments, which 80% of this thread consist of.

The 'not a big deal you're talking about dropped my players avg from 90 to 40, and not only mine but other popular servers as well, how about that?
Stop shit talking, yor reply is useless and not at all helpful, keep your irony for yourself

[1nspire]

Quote:

Originally Posted by Battlezone The 'not a big deal you're talking about dropped my players avg from 90 to 40, and not only mine but other popular servers as well, how about that? Stop shit talking, yor reply is useless and not at all helpful, keep your irony for yourself

I'm pretty sure the 'no big deal' I'm talking about didn't drop your average player-base from 90 to 40, or even if it did - that means you haven't informed your players about what's going on the same way Kalcor doesn't inform us what's going on, having said that, I do NOT see any changes in the playerbase of popular serves, another funny thing is that you cannot just say your average playerbase dropped with more than 50% for 48 hours, that's something you calculate monthly, not daily, so excuse mua.

https://gyazo.com/85abd6696d7d766d003ccb4cd6a9977c
I don't clearly see a major drop in your player-base, don't know where you took all these numbers from.

If you consider my post shit-talking (obviously against the ehm... attacker?) then you should go learn the definition of shit-talking, I was actually trying to calm people down and not let them fund the one who's ruining shit, my reply is less useless and more helpful than other replies that advice you to ban millions of IPs from all around the world in order to "save your server" for a single day before they start using new ranges, smart.

__
EDIT: Your Discord invite link is expired, no actual announcements on your forums nor the webpage about the issue, you could either start communicating with your players or expect even bigger drops of your player-base, go with the first option and quit blaming people over SA-MP forums.

[Kaperstone]

Did anyone receive a demand from the flooders?

[Crystallize]

The best solution for now is turning your server off till all of this is solved

[iLearner]

Quote:

Originally Posted by Crystallize The best solution for now is turning your server off till all of this is solved

I disagree. If you have a vps just change port and Create a default server on current port and tell your users to go there.

(why our posts are being deleted)

[10MIN]

cuber found the tool that the attackers use, but his post got delleted...

[Crystallize]

Quote:

Originally Posted by iLearner I disagree. If you have a vps just change port and Create a default server on current port and tell your users to go there. (why our posts are being deleted)

I have no idea its so annyoing 99% of my posts are gone.What do you mean with ports?

[Sew_Sumi]

Quote:

Originally Posted by 10MIN cuber found the tool that the attackers use, but his post got delleted...

Because posting shit like that sends it out to more people that don't know about it, and more attacks happen...

After all, same with the hacks and all that shit... Do you think it's a good thing to simply post out "Oh it's XXX" and blatantly inform everyone of what it is that's causing it, without any thinking that others will download and start attacking other peoples servers?

[RDM]

Quote:

Originally Posted by Crystallize I have no idea its so annyoing 99% of my posts are gone.What do you mean with ports?

The attackers have a script for port 7777 if you use another els will have greater difficulty! If you use a different port they will have to clone the packages again!

If we all use ports one very different from the other makes it impossible to do them!